What is a virus, and tips on how to know.

**deathr3in** · 08-29-2011

Hello mpgh users,
Computer saftey is always the first thing

I just wanted to help out you guys by giving u guys tips how to know if someone posted a virus and what is a false positive compared to a real virus, and the types of viruses that can fuck up your cpu and ur personal info. This may be good for u new users.

What is a False Positive?

A false positive occurs when a virus scanner erroneously detects a 'virus' in a non-infected file. False positives result when the signature used to detect a particular virus is not unique to the virus - i.e. the same signature appears in legitimate, non-infected software. These detections often occur in packers and injectors.

Lists of real viruses
--------------------------------------------------------------------------
List of Absolutely 99.99% of the Time Viruses
Ardamax (Associated with Ardamax Commercial Keylogger)
Trojan.Dropper (TR/Dropper.Gen) - This is a type of virus, but this type is most of the time malicious
Perfect Keylogger (Associated with Perfect Commercial Keylogger)
Sality
CyberGate (Associated with the CyberGate Remote Administration Tool)
Dybalom (Usually associated with iStealer)
Neshta
Turkojan (Turkojan RAT)
Bifrost
Ramnit/Quolko
ZBot

List of Known False Positives
Hupigon
Eldorado
WS.Reputation.1
Artemis
Themida
ASPack
OnlineGame(s)
-------------------------------------------------------------------------
Malicious Programs

RAT: A RAT is a Remote Administration Tool. This program allows the controller to take control of the victim's computer and make it do whatever the controller wants. More Information - Wikipedia

Keylogger: A keylogger is a program that records the victim's keystrokes and sends the information to an email or website via FTP. This is the most common type of personal grade viruses due to its accessibility. More Information - Wikipedia

Malware: Malware, short for malicious software, is software designed to infiltrate a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. More Information - Wikipedia

Adware: Adware, or advertising-supported software, is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used. Spyware is included under the umbrella of adware and malware. More Information - Wikipedia

FUD Crypter: Fully Undetected (FUD) crypter basically takes a detected virus and turns it into a undetected virus that either few or no anti-virus programs can pick it up. Sorry to tell you this but any file can have a virus and you can never be safe. (But apparently SandBoxie is a good place to start)

Stealer: A stealer does what it sounds like it does. It steals your account information saved on your computer. Cookies. If you pressed "save password for mpgh.net, then a stealer will take that information and send it to the person who created the virus.

--------------------------------------------------------------------------
*.bat and *.cmd files:
For these ones, you have to worry more about pranks than receiving a virus but when there is a will, there's a way (picture of a *.bat). As you can see in that picture! So basically, before you run the *.bat file, right click, edit (with notepad or wordpad), and then see what the text file says. If you see a bunch of "del" (short for delete) followed by things like system or windows or anything you don't want deleted, then delete the file. Also, if you see the shutdown command, I don't suggest running the file either.

--------------------------------------------------------------------------
The Join Date:
The join date should be the very first red flag. If the user joined within the day of the post or within the week or so, you should be VERY careful. I'm not saying that ALL new members are evil malicious virus posters and you shouldn't download their files, I'm just saying that you should watch out. Read other people's comments and scan the file(s) before running/extracting anything. Yes, I understand that this is basic knowledge but regardless, some people just think about the hacks and disregard the risks of running the program. Ultimately, this one slip-up could result in a keylogger, RAT, and may require a disk reformat and may also lead to a loss of a lot of money.
-------------------------------------------------------------------------
Their Post Count:
Most of the time, the post count is related to their risk factor. 1 post is very suspicious because that basically means that they have never posted anything before including other hacks, tutorials, or useful things that would show that the person has experience as a programmer/trustworthy person. Same note as above, not all low posters are evil nubs.
--------------------------------------------------------------------------
How to know if u downloaded a virus:

If you are not sure if u downloaded a keylogger or RAT go to task manger (u can do this by Ctrl + Alt + Delete) then click on processes and if you see more than 1 winlogon.exe or a thing what doesn't have a location or just the name of it(if i was u i would search up the thing on google just to make sure it is not a keylogger or RAT) you are being keylogged or RAT.
-------------------------------------------------------------------------
To remove the keylogger or RAT click end process on the thing what just says the name of it. Important: If you have 2 winlogon.exe and your not sure what to click, I wouldn't click end process, because if u end the wrong thing it will cause your computer to crash as well as u have to fix it. To remove the virus than clicking end process on winlogon.exe, just get a good anti virus and do a full scan of it.
--------------------------------------------------------------------------
If all of u people read this, this may reduce the viruses downloaded on mpgh.net,

Thanks for reading
I know that this might be leeched (copy and pasted to a different site) but always hope it helped.
--------------------------------------------------------------------------
link: https://imageshack.us/f/571/unledbs.jpg/